Move SECRETS in a new component 📦️ #45571
Conversation
Revert "📦 Move secret into a new component" This reverts commit 364d22f. 📦 Move secret into a new component
|
Hey! I see that this is your first PR. That is great! Welcome! Symfony has a contribution guide which I suggest you to read. In short:
Review the GitHub status checks of your pull request and try to solve the reported issues. If some tests are failing, try to see if they are failing because of this change. When two Symfony core team members approve this change, it will be merged and you will become an official Symfony contributor! I am going to sit back now and wait for the reviews. Cheers! Carsonbot |
| @@ -29,6 +29,7 @@ | |||
| "symfony/polyfill-mbstring": "~1.0", | |||
| "symfony/filesystem": "^5.4|^6.0", | |||
| "symfony/finder": "^5.4|^6.0", | |||
| "symfony/secret": "^5.4|^6.0", | |||
There was a problem hiding this comment.
This should be:
| "symfony/secret": "^5.4|^6.0", | |
| "symfony/secret": "^6.1", |
Cause this component will not exists before that release.
| @@ -9,7 +9,9 @@ | |||
| * file that was distributed with this source code. | |||
| */ | |||
|
|
|||
| namespace Symfony\Bundle\FrameworkBundle\Secrets; | |||
There was a problem hiding this comment.
Instead of moving you should copy & extend those new files by old ones to have BC.
There was a problem hiding this comment.
It is not a problem that the component is dependent on the FrameworkBundle?
There was a problem hiding this comment.
It is, but we can do differently.
The deprecated framework-bundle classes should extend the new component’s classes, or be aliased to them (see e.g.
There was a problem hiding this comment.
All classes are flagged @internal. As long as symfony/secret is a required dependency we don't need to use this trick.
But if we decide to make synfony/secret optional (see my comment #45571 (comment)), in that case, we should keep a BC layer in the FrameworkBundle
|
|
||
| /** | ||
| * @author Nicolas Grekas <p@tchwork.com> | ||
| * | ||
| * @internal |
There was a problem hiding this comment.
Most likely should be still there.
There was a problem hiding this comment.
Even if used in the FramworkBundle ?
There was a problem hiding this comment.
I also interpret it that no external project may rely on the interfaces of the class. In that case yes, usage in other libraries of the symfony package should work together with the internal tag.
| @@ -9,12 +9,12 @@ | |||
| * file that was distributed with this source code. | |||
| */ | |||
|
|
|||
| namespace Symfony\Bundle\FrameworkBundle\Secrets; | |||
| declare(strict_types=1); | |||
There was a problem hiding this comment.
revert (same comment everywhere)
| 6.1 | ||
| --- | ||
|
|
||
| * added the component |
There was a problem hiding this comment.
| * added the component | |
| * Add the component |
| @@ -29,6 +29,7 @@ | |||
| "symfony/polyfill-mbstring": "~1.0", | |||
| "symfony/filesystem": "^5.4|^6.0", | |||
| "symfony/finder": "^5.4|^6.0", | |||
| "symfony/secret": "^6.1", | |||
There was a problem hiding this comment.
IMHO this should be an optional dependency (The FrameworkBundle does not require secrets to work).
But I'm not sure how we could provide a BC layer (migration path) without requiring it nor duplicating the code.
There was a problem hiding this comment.
can it be also enabled/disabled via a new framework config key?
There was a problem hiding this comment.
can it be also enabled/disabled via a new framework config key?
That's already the case.
The point of NOT making it a required dependency is to avoid downloading everything "just in case". Otherwise, symfony/framework-bundle will become the next symfony/symfony
There was a problem hiding this comment.
oki I got it thx for explanations :)
There was a problem hiding this comment.
Let's make it an optional dependency in 7.0 then? Otherwise we would need to duplicate the code for BC and lose the advantage of the optional dependency in terms of download size.
There was a problem hiding this comment.
@derrabus agreed, but how triggering a deprecation if the user did not require the deps. Otherwise, bumping symfony to 7.0 will uninstall symfony/secrets
There was a problem hiding this comment.
I think, we've had similar problems when we removed messenger transports into bridge packages. How did we solve this issue back then? 🤔
There was a problem hiding this comment.
We made messenger require the bridges (hard dep) until 6.0
| { | ||
| "name": "symfony/secret", | ||
| "type": "library", | ||
| "description": "Provide a vault to keep sensitive information secret", |
There was a problem hiding this comment.
what bout adding some keywords as well?
|
@casahugo hey any news on this PR ? Thank you |
|
I'm sorry to come that late on the proposal but I don't feel like we should add it to Symfony.
I like that and I think that's the way to go. OSS dynamics FTW. 👎 on my side. |
|
@nicolas-grekas would it at least be possible to remove the |
|
Would work for me, please send a PR to have a discussion about this. |
|
@nicolas-grekas Ok. Target branch |
|
6.2 yes |
|
@nicolas-grekas Great. Might take me a few weeks to get to it but I think a few weeks to find the time but I guess it doesn't matter as long as it happens before the next LTS release 😄 |
…ctly outside Symfony (AndreasA) This PR was squashed before being merged into the 6.2 branch. Discussion ---------- [FrameworkBundle] Allow secrets vaults to be used directly outside Symfony | Q | A | ------------- | --- | Branch? | 6.2 | Bug fix? | no | New feature? | yes | Deprecations? | no | Tickets | | License | MIT | Doc PR | This PR removes the internal tag from the secrets vaults. This allows developers to use them directly without the need to use Symfony config etc. They still have to install the whole framework bundle but that just means an overhead during download, they are still able to directly instantiate the vault using `new SodiumVault(....)` for instance. Furthermore, by removing internal from the AbstractVault, it is possible to add a custom vault and specify it replacing the `secrets.vault` service for instance. See ticket: #44151 and previous PR: #45571 Commits ------- df953f0 [FrameworkBundle] Allow secrets vaults to be used directly outside Symfony
…ctly outside Symfony (AndreasA) This PR was squashed before being merged into the 6.2 branch. Discussion ---------- [FrameworkBundle] Allow secrets vaults to be used directly outside Symfony | Q | A | ------------- | --- | Branch? | 6.2 | Bug fix? | no | New feature? | yes | Deprecations? | no | Tickets | | License | MIT | Doc PR | This PR removes the internal tag from the secrets vaults. This allows developers to use them directly without the need to use Symfony config etc. They still have to install the whole framework bundle but that just means an overhead during download, they are still able to directly instantiate the vault using `new SodiumVault(....)` for instance. Furthermore, by removing internal from the AbstractVault, it is possible to add a custom vault and specify it replacing the `secrets.vault` service for instance. See ticket: symfony/symfony#44151 and previous PR: symfony/symfony#45571 Commits ------- df953f038e [FrameworkBundle] Allow secrets vaults to be used directly outside Symfony
…ctly outside Symfony (AndreasA) This PR was squashed before being merged into the 6.2 branch. Discussion ---------- [FrameworkBundle] Allow secrets vaults to be used directly outside Symfony | Q | A | ------------- | --- | Branch? | 6.2 | Bug fix? | no | New feature? | yes | Deprecations? | no | Tickets | | License | MIT | Doc PR | This PR removes the internal tag from the secrets vaults. This allows developers to use them directly without the need to use Symfony config etc. They still have to install the whole framework bundle but that just means an overhead during download, they are still able to directly instantiate the vault using `new SodiumVault(....)` for instance. Furthermore, by removing internal from the AbstractVault, it is possible to add a custom vault and specify it replacing the `secrets.vault` service for instance. See ticket: symfony/symfony#44151 and previous PR: symfony/symfony#45571 Commits ------- df953f038e [FrameworkBundle] Allow secrets vaults to be used directly outside Symfony
First commit to move secret in a new component